diff options
author | Darren Tucker <dtucker@zip.com.au> | 2016-04-08 21:14:13 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2016-04-08 21:21:27 +1000 |
commit | 5f41f030e2feb5295657285aa8c6602c7810bc4b (patch) | |
tree | 734cac54186b893082a675a1b8a13db410cd8f33 | |
parent | 34a01b2cf737d946ddb140618e28c3048ab7a229 (diff) |
Remove NO_IPPORT_RESERVED_CONCEPT
Replace by defining IPPORT_RESERVED to zero on Cygwin, which should have
the same effect without causing problems syncing patches with OpenBSD.
Resync the two affected functions with OpenBSD. ok djm, sanity checked
by Corinna.
-rw-r--r-- | configure.ac | 5 | ||||
-rw-r--r-- | readconf.c | 4 | ||||
-rw-r--r-- | serverloop.c | 9 |
3 files changed, 6 insertions, 12 deletions
diff --git a/configure.ac b/configure.ac index f9fb48d12..dde3c4589 100644 --- a/configure.ac +++ b/configure.ac | |||
@@ -586,9 +586,8 @@ case "$host" in | |||
586 | [Define if you want to disable shadow passwords]) | 586 | [Define if you want to disable shadow passwords]) |
587 | AC_DEFINE([NO_X11_UNIX_SOCKETS], [1], | 587 | AC_DEFINE([NO_X11_UNIX_SOCKETS], [1], |
588 | [Define if X11 doesn't support AF_UNIX sockets on that system]) | 588 | [Define if X11 doesn't support AF_UNIX sockets on that system]) |
589 | AC_DEFINE([NO_IPPORT_RESERVED_CONCEPT], [1], | 589 | AC_DEFINE([IPPORT_RESERVED], [0], |
590 | [Define if the concept of ports only accessible to | 590 | [Cygwin has no notion of ports only accessible to superusers]) |
591 | superusers isn't known]) | ||
592 | AC_DEFINE([DISABLE_FD_PASSING], [1], | 591 | AC_DEFINE([DISABLE_FD_PASSING], [1], |
593 | [Define if your platform needs to skip post auth | 592 | [Define if your platform needs to skip post auth |
594 | file descriptor passing]) | 593 | file descriptor passing]) |
diff --git a/readconf.c b/readconf.c index c692f7dd2..d63e5961d 100644 --- a/readconf.c +++ b/readconf.c | |||
@@ -294,14 +294,12 @@ void | |||
294 | add_local_forward(Options *options, const struct Forward *newfwd) | 294 | add_local_forward(Options *options, const struct Forward *newfwd) |
295 | { | 295 | { |
296 | struct Forward *fwd; | 296 | struct Forward *fwd; |
297 | int i; | ||
298 | #ifndef NO_IPPORT_RESERVED_CONCEPT | ||
299 | extern uid_t original_real_uid; | 297 | extern uid_t original_real_uid; |
298 | int i; | ||
300 | 299 | ||
301 | if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0 && | 300 | if (newfwd->listen_port < IPPORT_RESERVED && original_real_uid != 0 && |
302 | newfwd->listen_path == NULL) | 301 | newfwd->listen_path == NULL) |
303 | fatal("Privileged ports can only be forwarded by root."); | 302 | fatal("Privileged ports can only be forwarded by root."); |
304 | #endif | ||
305 | /* Don't add duplicates */ | 303 | /* Don't add duplicates */ |
306 | for (i = 0; i < options->num_local_forwards; i++) { | 304 | for (i = 0; i < options->num_local_forwards; i++) { |
307 | if (forward_equals(newfwd, options->local_forwards + i)) | 305 | if (forward_equals(newfwd, options->local_forwards + i)) |
diff --git a/serverloop.c b/serverloop.c index f9e3e5d14..3563e5d42 100644 --- a/serverloop.c +++ b/serverloop.c | |||
@@ -1243,12 +1243,9 @@ server_input_global_request(int type, u_int32_t seq, void *ctxt) | |||
1243 | /* check permissions */ | 1243 | /* check permissions */ |
1244 | if ((options.allow_tcp_forwarding & FORWARD_REMOTE) == 0 || | 1244 | if ((options.allow_tcp_forwarding & FORWARD_REMOTE) == 0 || |
1245 | no_port_forwarding_flag || | 1245 | no_port_forwarding_flag || |
1246 | (!want_reply && fwd.listen_port == 0) | 1246 | (!want_reply && fwd.listen_port == 0) || |
1247 | #ifndef NO_IPPORT_RESERVED_CONCEPT | 1247 | (fwd.listen_port != 0 && fwd.listen_port < IPPORT_RESERVED && |
1248 | || (fwd.listen_port != 0 && fwd.listen_port < IPPORT_RESERVED && | 1248 | pw->pw_uid != 0)) { |
1249 | pw->pw_uid != 0) | ||
1250 | #endif | ||
1251 | ) { | ||
1252 | success = 0; | 1249 | success = 0; |
1253 | packet_send_debug("Server has disabled port forwarding."); | 1250 | packet_send_debug("Server has disabled port forwarding."); |
1254 | } else { | 1251 | } else { |